In a distributed computing environment, resources or services that a user needs to access may be spread out across different computers. As one example, each employee in an enterprise may have a desktop or laptop computer, which accesses files stored in a central cluster of file servers. Each of these various computers may be controlled by a sign on procedure that requires presentation of credentials. For example, the user may have to enter a valid userID/password combination in order to gain access to the computer. Typically, once a user is signed onto his or her desktop or laptop, he or she does not have to enter a userID/password combination again in order to access the file server, because the file server and the user's computer are part of the same domain.
However, in some cases a user may be working in a first domain (e.g., a cluster of computers based on the UNIX operating system), and may need to access information in a second domain of a different type (e.g., an environment based on the MICROSOFT WINDOWS operating systems). The second domain may maintain its own userIDs and passwords, and may require that the user sign-on to the second domain separately. Conventionally, when the user attempts to access the second domain, the second domain will present the user with a prompt to enter a userID and password for the second domain, which is clearly an inconvenience to the user. It is desirable to allow the user to access the second domain seamlessly—i.e., given that the user has signed onto the first domain, it is desirable to allow the user to access resources and services under his corresponding userID in the second domain, without having to manually enter the userID/password combination for the second domain.
It is possible to automate the process of signing a user of the first domain onto the second domain. Thus, when a user in the first domain needs to access the second domain, a software component can tender the user's userID and password on his behalf without the user's involvement, thereby making it appear to the user as if he has seamlessly accessed the second domain. However, there are some circumstances in which it is not feasible to automate the tendering of the userID and password—e.g., where the first domain does not have access to the second domain's password list.
In view of the foregoing, there is a need for a system and method that overcome the drawbacks of the prior art.